Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Threat Analysis using N-median Outlier Detection Method with Deviation Score

Author 1: Pattabhi Mary Jyosthna
Author 2: Konala Thammi Reddy

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2021.0120866

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 12 Issue 8, 2021.

Abstract: Any organization can only operate optimally if all employees fulfil their roles and responsibilities. For the majority of tasks and activities, each employee must collaborate with other employees. Every employee must log their activities related with their roles, responsibilities, and access permissions. Some users may deviate from their work or abuse their access rights in order to gain a benefit, such as money, or to harm an organization's reputation. Insider threats are caused by these types of users/employees, and those users are known as insiders. Detecting insiders after they have caused damage is more difficult than preventing them from posing a threat. We proposed a method for determining the amount of deviation a user has from other users in the same role group in terms of log activities. This deviation score can be used by role managers to double-check before sharing sensitive information or granting access rights to the entire role group. We first identified the abnormal users in each individual role, and then used distance measures to calculate their deviation score. In a large data space, we considered the problem of identifying abnormal users as outlier detection. The user log activities were first converted using statistics, and the data was then normalized using Min-Max scalar standardization, using PCA to transform the normalized data to a two-dimensional plane to reduce dimensionality. The results of N-Median Outlier Detection (NMOD) are then compared to those of Neighbour-based and Cluster-based outlier detection algorithms.

Keywords: Organizational roles; insider threats; outlier detection; deviation score

Pattabhi Mary Jyosthna and Konala Thammi Reddy, “Threat Analysis using N-median Outlier Detection Method with Deviation Score” International Journal of Advanced Computer Science and Applications(IJACSA), 12(8), 2021. http://dx.doi.org/10.14569/IJACSA.2021.0120866

@article{Jyosthna2021,
title = {Threat Analysis using N-median Outlier Detection Method with Deviation Score},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2021.0120866},
url = {http://dx.doi.org/10.14569/IJACSA.2021.0120866},
year = {2021},
publisher = {The Science and Information Organization},
volume = {12},
number = {8},
author = {Pattabhi Mary Jyosthna and Konala Thammi Reddy}
}

IJACSA

Upcoming Conferences

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022